Whether you are staying at home to remain safe from the coronavirus or working from home due to stay at home directives from your employer, more people are using their home computers more often since March of 2020.
According to Malwarebytes analysts, the “bad actor” scammers know that more home computers are being used more often and have ramped up their attacks on home computers.
- Some malware attacks try to lure you with COVID-19 protective products like masks, fake Johns Hopkins maps, information about the virus that looks as if it comes from reliable sources like UNICEF. Their malware may put key loggers and password stealing software on your computers.
- Some malware attacks try to impersonate legitimate companies (like Amazon, your bank, your internet provider, your email service, etc.) and ask you to log into your account from a link in the email. The bad actors are phishing for your logon credentials using social engineering techniques, usually claiming there is a security problem with your account.
- Some bad actors try to steal your credit card information when you shop online at untrustworthy websites.
- Some malware attacks redirect your browser to their bogus website from an advertising space on a legitimate website or pop-up ads in the notification area of your computer. These are usually designed to let the bad actor into your computer.
What can you do to protect yourself?
- Avoid clicking on links or opening attachments in emails that offer you products or information about the COVID-19 virus.
- Do NOT give your logon credentials or financial accounts to any emails phishing for this information. Check that the URL of links goes to the company website it claims to represent. A reliable company will NEVER ASK for this information in an email (or on the phone, for that matter).
- Use a trusted wallet app, like PayPal, for items purchased online. This prevents your credit card from being stored by unsecure vendors.
- Use online shops that you know and trust; do not trust new online selling sources.
- Do NOT engage with any phone number in a pop-up or redirected webpage.
- Use robust security software, like Emsisoft anti-malware or Malwarebytes anti-malware, on your home computer. Scan and quarantine all malware detected on your computer.
- If you think your password has been compromised, change your password – BUT – do it on a device that is trusted, not the same device that was infected by malware.